Generation of policy-rich websites from declarative models

Chang, Felix Sheng-Ho

Author(s)

Chang, Felix Sheng-Ho

DownloadFull printable version (23.61Mb)

Other Contributors

Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.

Advisor

Daniel Jackson.

Terms of use

M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

Protecting sensitive data stored behind online websites is a major challenge, but existing techniques are inadequate. Automated website builders typically offer very limited options for specifying custom access policies. Manually adding access policy checks to website code is tedious and error-prone, and it is currently not. feasible to automatically verify that a website conforms to its required access policy. Furthermore, policies change over time, and it can be costly to modify an existing website to reflect the changes or to certify that the modified website still complies with the desired policy. This research presents a declarative modeling approach designed to address these issues, where the data model and the access policy are specified using Alloy, and tile Weballoy tool automatically generates a dynamic website that guarantees the access policy by construction.

Description

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2009.

Includes bibliographical references (p. 89-93).

Date issued

2009

URI

http://hdl.handle.net/1721.1/46617

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Doctoral Theses